Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version>25WORKDIR /home/docker
26
27# Install the packages and dependencies along with jq so we can parse JSON (add additional packages as necessary)
28RUN apt-get install -y --no-install-recommends \29 curl gnutls-bin openssl nodejs wget unzip vim git jq build-essential libssl-dev libffi-dev python3 python3-venv python3-dev python3-pip docker.io \
30 libjpeg-dev libjpeg-turbo8-dev libturbojpeg git-lfs ccache
31Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version>22RUN apt-get update -y && apt-get upgrade -y && useradd -m docker
23
24# Install the packages and dependencies along with jq so we can parse JSON (add additional packages as necessary)
25RUN apt-get install -y --no-install-recommends \26 curl gnutls-bin openssl nodejs wget unzip vim git jq build-essential libssl-dev libffi-dev python3 python3-venv python3-dev python3-pip docker.io \
27 sudo libjpeg-dev libjpeg-turbo8-dev libturbojpeg git-lfs ccache
28Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version> 48 echo "${TZ}" > /etc/timezone
49
50# Install gcc/g++
51RUN apt-get install --no-install-recommends -y \ 52 gcc-10 g++-10 && \
53 rm -rf /var/lib/apt/lists/* && \
54 update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ g++ /usr/bin/g++-10 --slave /usr/bin/gcov gcov /usr/bin/gcov-10Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version> 28 curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
29
30# Install Required Ubuntu Packages
31RUN apt-get update && apt-get install --no-install-recommends -y \ 32 build-essential gfortran cmake git gdb file tar libatlas-base-dev apt-transport-https iputils-ping \
33 libavcodec-dev libavformat-dev libswresample-dev libcanberra-gtk3-module zstd wget less \
34 libeigen3-dev libglew-dev libgstreamer-plugins-base1.0-dev udev net-tools \Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version> 58 echo "${TZ}" > /etc/timezone
59
60# Install gcc/g++
61RUN apt-get install --no-install-recommends -y \ 62 gcc-10 g++-10 && \
63 rm -rf /var/lib/apt/lists/* && \
64 update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 100 --slave /usr/bin/g++ \Pin versions in apt get install. Instead of
apt-get install <package> use apt-get install <package>=<version> 39 echo "deb [arch=amd64 signed-by=/usr/share/keyrings/bazel-archive-keyring.gpg] https://storage.googleapis.com/bazel-apt stable jdk1.8" | tee /etc/apt/sources.list.d/bazel.list
40
41# Install Required Ubuntu Packages
42RUN apt-get update && apt-get install --no-install-recommends -y iputils-ping \ 43 build-essential gdb wget less udev zstd sudo libgomp1 libswscale-dev \
44 cmake git libgtk2.0-dev pkg-config libavcodec-dev libavformat-dev tzdata \
45 libtbb2 libtbb-dev libjpeg-dev libpng-dev libtiff-dev tzdata net-tools \
Description
Version pinning forces the build to retrieve a particular version regardless of what’s in the cache. This technique can also reduce failures due to unanticipated changes between versions of dependencies.
You can read more about version pinning here
Bad Practice
FROM debian:buster
RUN apt-get install python
Recommended
FROM debian:buster
RUN apt-get install python=2.7